Skip to content

Commit

Permalink
adjust dependency check plugin
Browse files Browse the repository at this point in the history
  • Loading branch information
@infeo
infeo committed Dec 13, 2023
1 parent daade88 commit 6702982
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/dependency-check.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ jobs:
- name: Run org.owasp:dependency-check plugin
id: dependency-check
continue-on-error: true
run: mvn -B verify -Pdependency-check -DskipTests
run: mvn -B validate -Pdependency-check
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
- name: Upload report on failure
Expand Down
4 changes: 4 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,14 +182,18 @@
<artifactId>dependency-check-maven</artifactId>
<version>${dependency-check.version}</version>
<configuration>
<nvdValidForHours>24</nvdValidForHours>
<failBuildOnCVSS>6</failBuildOnCVSS>
<skipTestScope>true</skipTestScope>
<detail>true</detail>
<nvdApiKey>${env.NVD_API_KEY}</nvdApiKey>
</configuration>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
<phase>validate</phase>
</execution>
</executions>
</plugin>
Expand Down

0 comments on commit 6702982

Please sign in to comment.